We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-50286

ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create



Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create There is a race condition between ksmbd_smb2_session_create and ksmbd_expire_session. This patch add missing sessions_table_lock while adding/deleting session from global session table.

Reserved 2024-10-21 | Published 2024-11-19 | Updated 2024-12-19 | Assigner Linux

Product status

Default status
unaffected

0626e6641f6b467447c81dd7678a69c66f7746cf before f56446ba5378d19e31040b548a14ee9a8f1500ea
affected

0626e6641f6b467447c81dd7678a69c66f7746cf before e923503a56b3385b64ae492e3225e4623f560c5b
affected

0626e6641f6b467447c81dd7678a69c66f7746cf before e7a2ad2044377853cf8c59528dac808a08a99c72
affected

0626e6641f6b467447c81dd7678a69c66f7746cf before 0a77715db22611df50b178374c51e2ba0d58866e
affected

Default status
affected

5.15
affected

Any version before 5.15
unaffected

6.1.117
unaffected

6.6.61
unaffected

6.11.8
unaffected

6.12
unaffected

References

git.kernel.org/...c/f56446ba5378d19e31040b548a14ee9a8f1500ea

git.kernel.org/...c/e923503a56b3385b64ae492e3225e4623f560c5b

git.kernel.org/...c/e7a2ad2044377853cf8c59528dac808a08a99c72

git.kernel.org/...c/0a77715db22611df50b178374c51e2ba0d58866e

cve.org (CVE-2024-50286)

nvd.nist.gov (CVE-2024-50286)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-50286

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.